-
-
Notifications
You must be signed in to change notification settings - Fork 364
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Remove jsome dependency #914
Labels
You Can Do This
This idea is well spec'd and ready for a PR
Comments
mathiashoeld
changed the title
Remove or update jsome dependency
Remove jsome dependency
Aug 28, 2019
Happy to have that switched out with something similar 👍 |
https://github.com/rafeca/prettyjson could do it |
watchinharrison
added a commit
to watchinharrison/danger-js
that referenced
this issue
Sep 24, 2019
repalce jsome with prettyjson removes security issue with sub deps of jsome
watchinharrison
added a commit
to watchinharrison/danger-js
that referenced
this issue
Sep 24, 2019
repalce jsome with prettyjson removes security issue with sub deps of jsome
This was referenced Sep 25, 2019
This was referenced Oct 14, 2019
This was referenced Oct 21, 2019
This was referenced Oct 21, 2019
I think this issue was resolved by #920. Can we close it? |
Ace, sure |
This was referenced Oct 28, 2019
This was referenced Nov 4, 2019
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The npm package
mem
is marked as security vulnerability by Github. The package is a dependency ofos-locale
which is a dependency ofyargs
which is a dependency ofjsome
which has not been updated for 2 years, i.e. it is not likely that theyargs
dependency will be updated anytime soon. (See this issue for reference)To remove this security vulnerability it would be ideal to remove the dependency on jsome since it is probably only used only for styling the json output.
The text was updated successfully, but these errors were encountered: